CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-0399
https://notcve.org/view.php?id=CVE-2017-0399
12 Jan 2017 — An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588756. • http://www.securityfocus.com/bid/95226 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 0CVE-2017-0400
https://notcve.org/view.php?id=CVE-2017-0400
12 Jan 2017 — An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32584034. • http://www.securityfocus.com/bid/95226 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-0401
https://notcve.org/view.php?id=CVE-2017-0401
12 Jan 2017 — An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588016. • http://www.securityfocus.com/bid/95226 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-0402
https://notcve.org/view.php?id=CVE-2017-0402
12 Jan 2017 — An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32436341. • http://www.securityfocus.com/bid/95226 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-0381 – Apple Security Advisory 2017-10-31-8
https://notcve.org/view.php?id=CVE-2017-0381
12 Jan 2017 — An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432. • http://www.securityfocus.com/bid/95248 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-0382
https://notcve.org/view.php?id=CVE-2017-0382
12 Jan 2017 — A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32338390. • http://www.securityfocus.com/bid/95247 •
CVSS: 9.3EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0384
https://notcve.org/view.php?id=CVE-2017-0384
12 Jan 2017 — An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32095626. • http://www.securityfocus.com/bid/95239 •
CVSS: 9.3EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0385
https://notcve.org/view.php?id=CVE-2017-0385
12 Jan 2017 — An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32585400. • http://www.securityfocus.com/bid/95239 •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-0386
https://notcve.org/view.php?id=CVE-2017-0386
12 Jan 2017 — An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32255299. • http://www.securityfocus.com/bid/95256 •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-0387
https://notcve.org/view.php?id=CVE-2017-0387
12 Jan 2017 — An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32660278. • http://www.securityfocus.com/bid/95258 •